1669 matches found
PT-2025-16402
Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 8.0.0 through 8.0.41 Oracle MySQL versions 8.4.0 through 8.4.4 Oracle MySQL versions 9.0.0 through 9.2.0 Description A vulnerability in the MySQL Server product allows a low-privileged attacker with network access via...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL Server, which stems from improper handling of the Server: DDL component and can be exploited by an...
Oracle MySQL 安全漏洞
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper handling of the Server: DML component and can be exploited by an attacker to cause a denial of service...
PT-2025-16449
Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 8.0.0 through 8.0.41 Oracle MySQL versions 8.4.0 through 8.4.4 Oracle MySQL versions 9.0.0 through 9.2.0 Description A vulnerability in the MySQL Server product allows a high-privileged attacker with network access via...
CVE-2025-21490 affecting package mysql for versions less than 8.0.41-1
CVE-2025-21490 affecting package mysql for versions less than 8.0.41-1. An upgraded version of the package is available that resolves this issue...
Pandora FMS authenticated command injection leading to RCE via chromium_path or phantomjs_bin
Pandora FMS is a monitoring solution that provides full observability for your organization's technology. This module exploits an command injection vulnerability in the chromium-path or phantomjs-bin directory setting at the application settings page of Pandora FMS. You need have admin access at...
CVE-2025-30224
MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted...
CVE-2025-30224 MyDumper arbitrary file read issue
MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted...
CVE-2024-11053 affecting package mysql for versions less than 8.0.41-1
CVE-2024-11053 affecting package mysql for versions less than 8.0.41-1. An upgraded version of the package is available that resolves this issue...
RHEL 7 : mariadb-galera (RHSA-2016:2060)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2060 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for...
Linux Distros Unpatched Vulnerability : CVE-2024-21179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easi...
Linux Distros Unpatched Vulnerability : CVE-2024-21160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easi...
Linux Distros Unpatched Vulnerability : CVE-2024-20994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.36 and prior and...
Linux Distros Unpatched Vulnerability : CVE-2024-21162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and...
Linux Distros Unpatched Vulnerability : CVE-2012-5627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the changeuser...
Linux Distros Unpatched Vulnerability : CVE-2018-2767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.5.60 and prio...
Linux Distros Unpatched Vulnerability : CVE-2018-2761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and...
Linux Distros Unpatched Vulnerability : CVE-2016-6663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and...
Linux Distros Unpatched Vulnerability : CVE-2017-3291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Packaging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34...
Linux Distros Unpatched Vulnerability : CVE-2016-0600
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before...